CVE-2008-5140 in mailscannerinfo

Summary

trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/opr.ini.##### or (2) /tmp/lpt*.zip temporary file.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

11/18/2008

Disclosure

11/18/2008

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-59 (Confirmed)

CVSS

8.4

EPSS

0.00036

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-5140
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-5140
CVE Details	https://www.cvedetails.com/cve/CVE-2008-5140/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!